1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
New Jersey Attorney General Matthew Platkin announced that New Jersey is joining a coalition of 22 states in suing Uber for deceptive practices related to its Uber One subscription service. The lawsuit alleges that Uber enrolled consumers without their knowledge and made cancellation extremely difficult, seeking restitution, penalties, and an injunction under New Jersey's Consumer Fraud Act and the Restore Online Shoppers' Confidence Act.
New Jersey Attorney General Matthew Platkin is leading a bipartisan coalition of 42 attorneys general in sending a letter to 13 tech companies, demanding that they implement safeguards for their AI chatbots to prevent harmful interactions such as sexually explicit conversations with children, encouraging self-harm, and spurring violence, following reports of serious incidents including deaths and self-harm.
Blackbaud, a software company, experienced a ransomware attack in 2020 that exposed sensitive personal information, including protected health data, due to inadequate security practices and delayed breach notification. A multistate investigation resulted in a $49.5 million settlement, requiring Blackbaud to enhance data security, implement breach response plans, and undergo third-party assessments.
$49.5M
Google settled with 40 state attorneys general over allegations that it misled consumers about location tracking practices. Google will pay $391.5 million and must enhance transparency and user controls for location data collection.
$391.5M
New Jersey participated in a multi-state settlement resolving an investigation into a 2017 data breach at Sabre Hospitality Solutions. Intruders accessed the company's hotel booking system from August 2016 to March 2017, compromising data from over 1.3 million consumer credit cards, including CVV numbers and expiration dates. Sabre failed to promptly notify affected consumers. The $2.4 million settlement requires Sabre to implement enhanced data security measures, develop a breach notification plan, clarify contractual responsibilities with client hotels, and undergo third-party security assessments.
$2.4M
Uber Technologies, Inc. agreed to pay $148 million to settle a multi-state investigation into a data breach that compromised personal information of riders and drivers. The breach occurred in November 2016 but was not disclosed until November 2017. Uber must adopt new policies to safeguard consumer data.
$148.0M
Lightyear Dealer Technologies (DealerBuilt) settled an investigation into a 2016 data breach where a misconfigured file system exposed personal data, including social security numbers and bank information, of thousands of auto dealership customers nationwide. The settlement includes an $80,784 payment (with $20,000 suspended) and mandatory cybersecurity reforms.
$49K
Meitu, Inc. allegedly violated COPPA and the New Jersey Consumer Fraud Act by collecting personal information from children under 13 without parental consent. The settlement requires Meitu to pay a $100,000 civil penalty, update its privacy policies, and modify its apps to block data collection from children.
$100K
The New Jersey Attorney General announced an investigation into how the personal information of millions of Facebook users was harvested and obtained by Cambridge Analytica, a UK-based data analytics company. The AG expressed concern that Facebook may have allowed the harvesting and monetization of user data despite promises to keep it secure.
New Jersey joined 31 other states and the FTC in a $3.5 million settlement with Lenovo for pre-installing VisualDiscovery ad software on laptops that created a 'man-in-the-middle' security vulnerability, intercepting users' encrypted data without adequate disclosure or opt-out mechanisms. The settlement requires Lenovo to improve transparency, obtain affirmative consent, provide effective opt-out tools, and implement a long-term security compliance program with independent audits.
$3.5M
VIZIO and Inscape settled allegations that they collected viewing data from Smart TVs without adequate disclosure and consent, selling it to third parties. They agreed to pay $1 million to New Jersey, destroy collected data, and implement privacy measures including obtaining consumer consent and establishing a privacy program.
$1.0M
The New Jersey Division of Consumer Affairs settled with DealerApp, a mobile app developer for auto dealerships, for allegedly collecting and transmitting consumer personal information without notice or consent. DealerApp agreed to pay a $38,000 civil penalty and implement measures to disclose data practices and obtain consent for third-party sharing.
$38K
The New Jersey Attorney General and FTC settled with app developer Equiliv Investments and Ryan Ramminger for distributing the Prized app that contained malware to mine cryptocurrency without user consent. The settlement prohibits such activities, requires record-keeping for 20 years, and imposes a $5,200 penalty with an additional $44,800 suspended.
$5K
The New Jersey Division of Consumer Affairs obtained a consent decree against Jeremy Rubin, developer of Tidbit Bitcoin-mining software, for accessing New Jersey computers without users' knowledge or consent. The settlement includes a suspended $25,000 monetary penalty and prohibits future unauthorized access, requiring clear notification and verifiable consent.
$25K
The New Jersey Attorney General settled with Dokogeo, the developer of the Dokobots app, for violating COPPA by collecting personal information from children without parental consent. The settlement requires Dokogeo to disclose its data practices, stop collecting children's data, delete existing children's data, and pay a suspended $25,000 penalty.
$25K
Dataium settled allegations that it used history sniffing to track consumers' online browsing without consent and sold personal data of 400,000 consumers to a data broker without notice. The settlement imposes a $400,000 monetary penalty, requires a privacy program, and mandates transparency and opt-out mechanisms.
$400K
New Jersey joined a multi-state settlement with Google alleging that Google circumvented Safari browser's default privacy settings to plant third-party cookies without user consent. Google agreed to pay $17 million and implement injunctive relief to prevent such conduct and improve transparency.
$17.0M
Google settled multi-state allegations that it collected personal data from unsecured wireless networks during Street View operations without user consent. The settlement requires Google to destroy the collected data, refrain from future non-consensual collection, implement a 10-year employee privacy training program, and run a public advertising campaign. New Jersey's share of the settlement is approximately $147,000.
All data sourced from official government enforcement pages.